Remote Desktop over VPN issue

[normntwrk]

Trying to connect with MS Remote Desktop over a MS VPN to a server at a customer site. The VPN connects up just fine, the Remote Desktop session will sit there and times out.

If I assign an outside IP address to my PC with a static (inside, outside) statement in my PIX (515 6.3.1)it works just fine. I don't open any ports , just assign the outside IP.

I think it is the remote site not figuring out the NAT that I am coming from...they say it my PIX. Internet info seems to point to MTU value, I have adjusted that back and forth to no avail.

This hasn't been an issue with any other site we support.

Any thoughts?
Norm

 

[Press2Esc]

remember vpn (1723,+) & rdp (3389) are 2 diff ports.. the cisco has to allow a method to allow these services to "pass-thru" the firewall. Also the LAN client must be config'd to listen for the incoming (outside) request for connection. make sense?

P2E

 

[normntwrk]

Well yes and no....once I'm connected with the VPN (which connects just fine) the RDP traffic should travel through the VPN tunnel . I haven't ever seen this problem with any other customer and I've connected up with many many customers over the years

I still think it is on the customer end not figuring out my NATted address properly as the logs on his end have my connections (when it doesn't work) coming from 0.0.0.0

Norm

 

[burtsbees]

Is dynamic NAT set up on the PIX, with the overload statement for PAT? Post a sh run from the PIX.

Burt